using System;
using System.Collections.Generic;
using System.Text;
using Security.Entities;
using Common;

namespace Security.Business
{
    public class AuthorizationService
    {
        public static void CheckRole(string roleName)
        {
            bool hasit = false;

            UserSession session = SessionState.Current[WebConstants.UserSession] as UserSession;
            if (session == null)
            {
                throw new Common.Errors.NotLoggedInError();
            }

            foreach (string role in session.Roles)
            {
                if (role.ToLower() == roleName.ToLower())
                {
                    hasit = true;
                    break;
                }
            }

            if (!hasit)
            {
                throw new Common.Errors.UnauthorizedError();
            }
        }

    }
}
